diff --git a/roles/rke2/tasks/fix_selinux.yml b/roles/rke2/tasks/fix_selinux.yml
index e35389f5c0f01006ffccdd98c97f1e3ac0f4e477..1f5419c76c7528e9f01cd2f069a7dc85067a7c4a 100644
--- a/roles/rke2/tasks/fix_selinux.yml
+++ b/roles/rke2/tasks/fix_selinux.yml
@@ -1,14 +1,23 @@
+- name: Sleep for 45 seconds so that the helm operator has deployed the deamonset
+  ansible.builtin.wait_for:
+    timeout: 45
+  delegate_to: localhost
+
 - name: kill the openstack ccm pods to make sure they boot in permissive mode
   shell: "/var/lib/rancher/rke2/bin/kubectl --kubeconfig /etc/rancher/rke2/rke2.yaml rollout restart -n kube-system ds openstack-cloud-controller-manager "
   register: openstack_ccm_ready
+  until: openstack_ccm_ready.sdtout
+  retries: 2
+  delay: 30
   when: ( 'master' in group_names )
+  ignore_errors: True
 
-
-- name: Sleep for 300 seconds and continue with play
+- name: Sleep for another 30 seconds so that the OS-CCM has had time to boot up
   ansible.builtin.wait_for:
     timeout: 30
   delegate_to: localhost
 
+
 # - name: Wait for all control-plane pods to become created
 #   shell: "/var/lib/rancher/rke2/bin/kubectl --kubeconfig /etc/rancher/rke2/rke2.yaml get po --namespace=kube-system --selector tier=control-plane --output=jsonpath='{.items[*].metadata.name}'"
 #   register: control_plane_pods_created